The Hacker News

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and surveillance.
InfoWorld

Abandoned project linking Java, JavaScript makes a comeback

The Detroit project envisioned using JavaScript as an extension language for Java applications. Now it’s being revived with ...

Checkmk: Highly risky cross-site scripting flaw in network monitoring software

The developers have released updated Checkmk versions. They close a at least highly risky cross-site scripting vulnerability.
Honolulu Star-Advertiser

Tech-focused charter school sees academic progress

Instructor Aileen Abitong conducted computer class Wednesday with her students at Kulia Academy, the first school in the ...

This high-severity Chrome Gemini vulnerability lets malicious extensions spy on your PC

A bug in Google Chrome's Gemini AI feature could expose your data or allow attackers to monitor you. Here's how to stay protected.

‘No amount of vibe coding’ can replace Workday, new CEO says as company pushes AI agents

Workday is pushing AI agents and trying to prove that the strategy can pay off.

Chainguard Customers Have 94% Python Ecosystem Coverage for Their Environments

Chainguard, the trusted source for open source, today announced it has expanded Chainguard Libraries coverage across Python, Java, and JavaScript, with customers seeing 94% coverage across the Python ...

Workday CEO dismisses vibe coding threat as company misses revenue forecast

No amount of vibe coding” will replace the need for HR software providers like Workday, CEO Aneel Bhusri said during a call ...

Someone built an x86 CPU emulator using pure CSS, for science

The recently unveiled x86CSS project aims to emulate an x86 processor within a web browser. Unlike many other web-based ...
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.

Forget the STEM safety net. Peter Thiel warns AI is a bigger threat to technical roles than to creative thinkers

A new LinkedIn report supports some of the billionaire’s predictions, showing that job postings mentioning “storytellers” ...

LibreOffice Online dragged out of the attic, dusted off for another go

Browser-based version back on the menu, reopening questions about TDF's relationship with Collabora The Document Foundation ...